add valid jwt rule

Author: milwad-dev

composer.json

@@ -19,7 +19,7 @@
       }
   ],
   "require": {
-    "laravel/framework": "^8.0|^9.0"
+    "laravel/framework": "^8.0|^9.0",
   },
   "require-dev": {
     "orchestra/testbench": "^5.0|^6.0|^7.0",

src/Rules/ValidJwt.php

@@ -0,0 +1,54 @@
+<?php
+
+namespace Milwad\LaravelValidate\Rules;
+
+use Illuminate\Contracts\Validation\Rule;
+
+class ValidJwt implements Rule
+{
+    /**
+     * Check jwt is valid.
+     *
+     * @param string $attribute
+     * @param mixed $value
+     * @return bool
+     * @throws \JsonException
+     */
+    public function passes($attribute, $value)
+    {
+        $tokenParts = explode('.', $value);
+        $header = base64_decode($tokenParts[0]);
+        $payload = base64_decode($tokenParts[1]);
+        $signature_provided = $tokenParts[2];
+
+        // check the expiration time - note this will cause an error if there is no 'exp' claim in the jwt
+        $expiration = json_decode($payload, false, 512, JSON_THROW_ON_ERROR)->exp;
+        $is_token_expired = ($expiration - time()) < 0;
+
+        // build a signature based on the header and payload using the secret
+        $base64_url_header = $this->base64url_encode($header);
+        $base64_url_payload = $this->base64url_encode($payload);
+        $signature = hash_hmac('SHA256', $base64_url_header . "." . $base64_url_payload, 'secret', true);
+        $base64_url_signature = $this->base64url_encode($signature);
+
+        // verify it matches the signature provided in the jwt
+        $is_signature_valid = ($base64_url_signature === $signature_provided);
+
+        return !($is_token_expired || !$is_signature_valid);
+    }
+
+    /**
+     * Get the validation error message.
+     *
+     * @return string
+     */
+    public function message()
+    {
+        return __('jwt');
+    }
+
+    private function base64url_encode($str)
+    {
+        return rtrim(strtr(base64_encode($str), '+/', '-_'), '=');
+    }
+}